Information Technology Services

Drop Shadow

What happens when an account is compromised at USD?

Student Staff Faculty Alumni

Beginning February 2010, any user whose account has been compromised will be notified by phone, blocked from their e-mail and Internet use, and required to do the following before their account is reinstated:


1. Allow ITS to verify that their work-provided systems are clean and up-to-date. This includes anti-virus, anti-spyware, and all critical security patches.


2. Acknowledge that their personal computer systems which connect to USD are also clean, patched, and up-to-date.


3. Reread the USD Policy on Responsible Use Computing (and be directed to the ITS Security web site).

 

http://streamer.sandiego.edu/Streamer/StreamPlayer.aspx?id=53ddbfD9S8H&bLW=1

 

Compromised accounts affect the entire university community since they frequently result in Internet Service Providers rejecting all e-mail from USD. Once an institution is “blacklisted,” it can take days to be unblocked. In a recent case where a user’s account login was compromised and used for spamming, Hotmail, Yahoo, Cox Communications, AT&T, Google, Time Warner Road Runner, AOL, and other universities blocked all e-mail coming from sandiego.edu because of the high volume of spam coming from just one compromised account.
 
On the technology front, ITS has taken strong measures to improve e-mail delivery and security. On a typical work day, USD receives 450,000 inbound e-mail messages; approximately 43 percent of those are identified as junk e-mail and blocked with spam filtering devices. In addition, every computer at USD is required to have SafeConnect, to update critical Operating System patches, and to have up-to-date anti-virus applications before connecting to USD's network; virus and spam filtering on USD’s e-mail servers ensure that minimal spam makes it through to you. Still, it takes only one compromised USD account that is taken over for spamming purposes to get the University blacklisted. In order to minimize this problem, ITS needs your help.  We ask that you:


• Never share your passwords or social security number with anyone, under any circumstance.
• Never reply to suspect e-mails or click links that may be inside a suspect e-mail message.
• Always create strong passwords (view password tips).

 

ITS is continually updating security awareness materials.  For more information about cyber-security, please visit our site at: http://www.sandiego.edu/its/security/


USD’s Symantec anti-virus site license agreement allows and extends full use of anti-virus programs for home use to all USD faculty, staff and students for the protection and scanning of their home systems. These can also be downloaded at the security link above.

 

Attached is the presentation that they must read as well as the document that they must sign.


Below is the link where they are able to go and take the quiz for a compromised account:

http://www.sandiego.edu/its/helpdesk/quiz/Security.htm

File Attachments